Articles about Malware

Kaspersky: Clumsy NSA leak snoop's PC was packed with malware

Kaspersky Lab, the US government's least favorite computer security outfit, has published its full technical report into claims Russian intelligence used its antivirus tools to steal NSA secrets. Last month, anonymous sources alleged that in 2015, an NSA engineer took home a big bunch of the agency's cyber-weapons to work on …
Iain Thomson, 16 Nov 2017

Crouching cyber Hidden Cobra: US warns Nork hackers are at it again with new software nasty

The FBI and US Homeland Security have issued an alert about a new strain of malware infecting American corporate systems and stealing sensitive data. The remote access trojan (RAT), dubbed Fallchill, is the work of a North Korean hacking group called Hidden Cobra, which some at US-CERT believe was responsible for the WannaCry …
Iain Thomson, 15 Nov 2017

Heads up: OnePlus phones have a secret root backdoor and the password is 'angela'

Updated An apparent factory cockup has left OnePlus Android smartphones with an exposed diagnostics tool that can be potentially exploited to root the handsets. Security researcher Robert Baptiste suggested the EngineerMode APK was made by Qualcomm, and was intended to be used by factory staff to test phones for basic functionality …
Shaun Nichols, 14 Nov 2017

Microsoft pals up with partners for threat-hunting

Windows Defender Advanced Threat Protection first landed as a public preview in September, and now its general availability, Microsoft has announced a bunch of partners to give it cross-platform support: Bitdefender for Linux and macOS, Lookout for iOS and Android, and Ziften for macOS and Linux. With Bitdefender's …

Crumbs! Crunchyroll distributed malware for a couple of hours

Popular anime streamer Crunchyroll is warning users to check their systems for malware, after attackers got access to its Cloudflare config and targeted Windows users with a malicious file. The attack only lasted 150 minutes – from 0330 to 0600 Pacific Time on Sunday November 5 (when owner Ellation took the site down). As the …

Hackers abusing digital certs smuggle malware past security scanners

Malware writers are widely abusing stolen digital code-signing certificates, according to new research. Malware that is signed with compromised certificates creates a means for hackers to bypass system protection mechanisms based on code signing. The tactic extends far beyond high profile cyber-spying ops, such as the Stuxnet …
John Leyden, 1 Nov 2017

Bootkit ransomware baddy hops down BadRabbit hole in Japan

A new strain of ransomware is apparently being used for targeted attacks in Japan. MBR-ONI, a new bootkit ransomware, relies on a modified version of a legitimate open-source disk encryption utility called DiskCryptor for its encryption routines – the same tool abused by the Bad Rabbit ransomware last week. While ONI and the …
John Leyden, 31 Oct 2017

Reaper IoT botnet ain't so scary, contains fewer than 20,000 drones

The Reaper IoT botnet is nowhere near as threatening as previously suggested, according to new research. Check Point Software Technologies warned last week that a new IoT botnet might have already infected "an estimated million organisations". Boffins at Arbor Networks, however, estimate that the actual size of the Reaper …
John Leyden, 27 Oct 2017

Hop on, Average Rabbit: Latest extortionware menace flopped

As the dust settles from Tuesday's Bad Rabbit ransomware outbreak, it's already clear that it is far less severe than the WannaCrypt and NotPetya infections from earlier this year. Bad Rabbit claimed notable victims including the media agency Interfax and was largely contained in Russia and Ukraine, as previously reported. …
John Leyden, 26 Oct 2017

Google Play Protect is 'dead last' at fingering malware on Android

Last month, German software testing laboratory AV-Test threw malware at 20 Android antivirus systems – and now the results aren't particularly great for Google. Its Play Protect system, which is supposed to block malicious apps from running on your handheld, was beaten by every other anti-malware vendor. When exposed to recent …
Iain Thomson, 26 Oct 2017

Watership downtime: BadRabbit encrypts Russian media, Ukraine transport hub PCs

Updated Computers at Russian media outlets and Ukraine's transport hubs were among Windows PCs infected and shut down today by another fast-spreading strain of ransomware. Corporate systems within Interfax and two other major Russian news publishers had their files encrypted and held to ransom by malware dubbed BadRabbit. In Ukraine, …
John Leyden, 24 Oct 2017

Malware hidden in vid app is so nasty, victims should wipe their Macs

It's going to be an unpleasant weekend for some Mac users who are facing a complete system wipe and reinstall – after hackers stashed malware in legitimate applications. Eltima Software, which makes the popular Elmedia Player and download manager Folx, today confessed the latest versions of those two apps came with an …
Iain Thomson, 20 Oct 2017

Canadian govt snoops emit their own malware detection tool, eh

Canada's Communications Security Establishment has open-sourced its own malware detection tool. The Communications Security Establishment (CSE) is a signals intelligence agency roughly equivalent to the United Kingdom's GCHQ, the USA's NSA and Australia's Signals Directorate. It has both intelligence-gathering and advisory …
Simon Sharwood, 20 Oct 2017

Watch out for Microsoft Word DDE nasties: Now Freddie Mac menaced

Updated Malware exploiting Microsoft Word's DDE features to infect computers has been lobbed at US government-backed mortgage biz Freddie Mac. Well-crafted phishing emails were sent to staff promising free tickets to a Halloween event at a nearby Six Flags amusement park. If employees click through a link in the message, they're …
Iain Thomson, 17 Oct 2017

Android ransomware DoubleLocker encrypts data and changes PINs

Crooks have come up with a strain of Android ransomware that both encrypts user data and locks victims out of compromised devices by changing PINs. DoubleLocker combines a cunning infection mechanism with two powerful tools for extorting money from its victims. "Its payload can change the device's PIN, preventing the victim …
John Leyden, 13 Oct 2017

Ouch: Brit council still staggering weeks after ransomware bit its PCs

A ransomware assault late last month is continuing to affect the operations of Copeland Borough Council in the northwest of England. The processing of planning applications is still being affected weeks after a major cyberattack hit the council in rural North West England. The planning application for a housing development of …
John Leyden, 29 Sep 2017

Google reveals Android Robocop AI to spot and destroy malware

In its ongoing quest to trap and kill Android malware, Google has, as usual, turned to machine learning – and is reporting some success. Speaking at the Structure Security conference in San Francisco today, Adrian Ludwig, head of Android security, said the ads giant has trained systems using telemetry data from handsets – …
Iain Thomson, 26 Sep 2017

IT plonker stuffed 'destructive' logic bomb into US Army servers in contract revenge attack

An IT contractor is facing a possible decade behind bars in America for planting a ticking "destructive" time bomb in US military systems. After a three-day trial this week, Mittesh Das, 48, of Atlanta, Georgia, was found guilty by a jury in North Carolina of knowingly transmitting malicious code with the intent of causing …
Iain Thomson, 22 Sep 2017
